thr3ads.net - Shorewall users - [Shorewall-users] Help with terminal services [Aug 2003]

If this information is useful, please help other people find it:
Share via:

honey2000

2003-Aug-18 07:48 UTC

[Shorewall-users] Help with terminal services

Hello, i have one firewall conected with adsl, my adsl 
ip is 10.0.0.138 (local) i need create one rule to 
redirect de terminal services conexions in firewall 3389 
to local machine 192.168.1.13, how i do?, i try with 
many options and i can?t.

When i try i have the following terminal services 
messages:

The client cannot connect to server terminal...

can we help-me?

tks

#########################################################
#####################
#ACTION         SOURCE          DEST            PROTO   
DEST    SOURCE  ORIGINAL
#                                                       
PORT    PORT(S) DEST
#
#       Accept DNS connections from the firewall to the 
network
#
ACCEPT          net             fw              tcp     
3389
ACCEPT          net             loc             tcp     
3389
ACCEPT          loc             net             tcp     
3389
ACCEPT          loc             fw              tcp     
3389
ACCEPT          fw              loc             tcp     
3389
ACCEPT          fw              net             tcp     
3389
ACCEPT          fw              net             tcp     
53
ACCEPT          fw              net             udp     
53
ACCEPT          loc             fw              udp     
53
ACCEPT          fw              net             tcp     
80
ACCEPT          fw              loc             tcp     
80
ACCEPT          loc             fw              tcp     
80
ACCEPT          net             fw              tcp     
80

# Regra para Alexandre nao acessar a net
REJECT          loc:192.168.1.14        net             
tcp     80
#
#       Accept SSH connections from the local network 
for administration
#
ACCEPT          loc             fw              tcp     
22
ACCEPT          net             fw              tcp     
22
#REDIRECT       net             3389            tcp     
3389    -       192.168.1.13
#DNAT           net             loc:192.168.1.13        
tcp     3389
#ACCEPT         net             loc:192.168.1.13        
tcp     3389    -       all
#ACCEPT         fw              loc:192.168.1.13        
tcp     3389
#ACCEPT         loc:192.168.1.13        net     tcp     
3389
#ACCEPT         loc:192.168.1.13        fw      tcp     
3389
#
#       Allow Ping To And From Firewall
#
ACCEPT          loc             fw              icmp    8


 
__________________________________________________________________________
Acabe com aquelas janelinhas que pulam na sua tela.
AntiPop-up UOL - ? gr?tis!
http://antipopup.uol.com.br/

Tom Eastep

2003-Aug-18 09:10 UTC

head link

[Shorewall-users] Help with terminal services

On Mon, 2003-08-18 at 07:48, honey2000 wrote:

DNAT           net             loc:192.168.1.13        tcp     3389

If you have problems with that rule, see FAQs 1b and 2c for information
about troubleshooting port forwarding problems. 

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Tom Eastep

2003-Aug-18 09:15 UTC

head link

[Shorewall-users] Help with terminal services

On Mon, 2003-08-18 at 09:10, Tom Eastep wrote:> On Mon, 2003-08-18 at 07:48, honey2000 wrote:
> 
> DNAT           net             loc:192.168.1.13        tcp     3389
> 
> If you have problems with that rule, see FAQs 1b and 2c for information
> about troubleshooting port forwarding problems. 
> 
Make that "1b and 1c"...

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Shorewall users - Aug 2003 - Help with terminal services

[Shorewall-users] Help with terminal services

[Shorewall-users] Help with terminal services

[Shorewall-users] Help with terminal services